|
|
|
|
@ -12,12 +12,12 @@ function sha1(string){
|
|
|
|
|
var view = new DataView(buffer);
|
|
|
|
|
for (var i = 0; i < view.byteLength; i += 4) {
|
|
|
|
|
// Using getUint32 reduces the number of iterations needed (we process 4 bytes each time)
|
|
|
|
|
var value = view.getUint32(i)
|
|
|
|
|
var value = view.getUint32(i);
|
|
|
|
|
// toString(16) will give the hex representation of the number without padding
|
|
|
|
|
var stringValue = value.toString(16)
|
|
|
|
|
var stringValue = value.toString(16);
|
|
|
|
|
// We use concatenation and slice for padding
|
|
|
|
|
var padding = '00000000'
|
|
|
|
|
var paddedValue = (padding + stringValue).slice(-padding.length)
|
|
|
|
|
var padding = '00000000';
|
|
|
|
|
var paddedValue = (padding + stringValue).slice(-padding.length);
|
|
|
|
|
hexCodes.push(paddedValue);
|
|
|
|
|
}
|
|
|
|
|
// Join all the hex strings into one
|
|
|
|
|
@ -30,25 +30,25 @@ function hibpCheck(pwd){
|
|
|
|
|
sha1(pwd).then(function(hash){
|
|
|
|
|
// We send the first 5 chars of the hash to hibp's API
|
|
|
|
|
const req = new XMLHttpRequest();
|
|
|
|
|
req.open('GET', 'https://api.pwnedpasswords.com/range/'+hash.substr(0, 5));
|
|
|
|
|
req.setRequestHeader('Add-Padding', 'true');
|
|
|
|
|
req.addEventListener("load", function(){
|
|
|
|
|
// When we get back a response from the server
|
|
|
|
|
// We create an array of lines and loop through them
|
|
|
|
|
const resp = this.responseText.split('\n');
|
|
|
|
|
const lines = this.responseText.split("\n");
|
|
|
|
|
const hashSub = hash.slice(5).toUpperCase();
|
|
|
|
|
for(index in resp){
|
|
|
|
|
for (var i in lines){
|
|
|
|
|
// Check if the line matches the rest of the hash
|
|
|
|
|
if(resp[index].substring(0, 35) == hashSub){
|
|
|
|
|
const val = resp[index].split(":")[1]
|
|
|
|
|
if (lines[i].substring(0, 35) == hashSub){
|
|
|
|
|
const val = parseInt(lines[i].trimEnd("\r").split(":")[1]);
|
|
|
|
|
if (val > 0) {
|
|
|
|
|
$("#pwned").value = val;
|
|
|
|
|
$("#pwned").val(val);
|
|
|
|
|
}
|
|
|
|
|
return; // If found no need to continue the loop
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$("#pwned").value = 0;
|
|
|
|
|
$("#pwned").val(0);
|
|
|
|
|
});
|
|
|
|
|
req.open('GET', 'https://api.pwnedpasswords.com/range/'+hash.substr(0, 5));
|
|
|
|
|
req.setRequestHeader('Add-Padding', 'true');
|
|
|
|
|
req.send();
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
@ -126,15 +126,16 @@ $('document').ready(function() {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (window.isSecureContext) {
|
|
|
|
|
$("#pw").change(function(){
|
|
|
|
|
hibpCheck($("#pw").value);
|
|
|
|
|
$("#pw").on("change paste", function(){
|
|
|
|
|
hibpCheck($(this).val());
|
|
|
|
|
return true;
|
|
|
|
|
});
|
|
|
|
|
$("#pw").closest("form").submit(function(event){
|
|
|
|
|
if($("#pwned").value > -1) {return;};
|
|
|
|
|
if (parseInt($("#pwned").val()) < 0) {
|
|
|
|
|
event.preventDefault();
|
|
|
|
|
hibpCheck($("#pw").value);
|
|
|
|
|
hibpCheck($("#pw").val());
|
|
|
|
|
event.trigger();
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
Alexander Graf
2 years ago